It changes in quality and form; this renders an increase in number unnecessary. I personally saw many trend changes, as I was a kid when Kaspersky’s VirusList (now Securelist) website sparked my interest in malware, after I had a Zlob trojan infection. Misleading applications, screen lockers (early ransomware), encryptors, and now file-less infostealers and ransomware that also uploads your data.
Either way, if you run any top-notch AV, the chances are not really high, as this would require heavy evasion, which in turn requires heavy research and funding. This might not be worthwhile for a home environment. GitHub is full of exploits, but finding and applying these is still time-consuming. I sent a file-less Tesla sample to
@struppigel and this led to an AMSI bypass, freely available on GitHub and consisting of no more than 10 lines of code. It was released 3 months ago and has only been partially patched (System.net.WebClient has been disabled, but an executable can still be smuggled). Pentesters are supposed to have a security spirit, yet they publish exploits instead of working with companies to render them ineffective.
Even if they steal your credentials and CC details (identity theft), banks nowadays, as well as many websites, have become far more vigilant with location awareness, 2FA and many other factors. So a successful infection != successful compromise. If your information reaches the black market, it’s not guaranteed that attempts to use it will be made. Transaction disputes cause banks themselves to lose money, and this might be dangerous for amateur attackers. For €0.99, banks will involve various security departments and institutions.
Other malware, such as bots/botnets, even if undetected initially, might be detected in a few hours or days. It’s not guaranteed that the attacker will start sending out SPAM or DDoS traffic right after the infection. It’s not guaranteed that, once activated, the bot won’t trigger a detection when it starts executing the script.
It’s worth mentioning that attackers themselves told me cryptojacking, as well as crypto-stealing, is very stable in the long run, but this is normally done through RATs/backdoors and affects people who run no AV (again, the attackers’ words). People frequently downloading cheats and cracks with no active AV are the most threatened.
Ransomware infections are nasty, and I see requests in the Malware Help section frequently. If you detect them just a minute later, it is already too late, but how difficult is it to back up or even encrypt all your data? Nowadays, information has moved mostly to the cloud and mobile, so your Windows security, or lack thereof, has become a less important factor than before. There are many ways to scam a user on any platform into providing information and funds voluntarily, and this requires no malware at all.
The heavy task of keeping your data secure now falls to the third-party companies where you deposit it. These are very attractive targets and/or might be selling your data for pennies, regardless of the fact that you have installed various programs and tools to protect your data and privacy.